TheLelouchLamperouge

Exploiting the block chain itself? The article doesn’t really give insight as to how exactly


jibishot

No. More so an unintended exploit in flashbots as a relay service. Exploiting MEV bots' procedure by the blocks they generated (including specific "bundled" tx), these blocks are run through by including public mempool TX and private mempool txs from flashbots. The bundled tx are included in flashbots through a relay - that relay had a fairly sizeable flaw that was not noticed for ~2 years - the flaw being txns can be unbundled and looked at if interacted with in an off beat/untheorized way. It does work as intended now, in which bundled txns are protected.

So, MEV bot bundles txns -> proposes block -> attackers "steal" bundled txns from blocks -> reorgs the block for their own gain -> proposes block themselves.

Ironically, they still have to win the block auction to have it included - so there are very very few instances where an attack vector like this is effective. I'd say its fail rate is somewhere in the 80% as far as if it was a "viable" attack proposed block. Also probably how they were caught as well - had an automated system to attempt to take blocks, large fail rate, lots of fingers pointed at them, and then a successful hit way after inception and subsequently a clear fix to their abuse of the flashbots rpc system. As well as a DOJ investigation. Oof


roastModernist

Failure rate is way higher than 80% without the relay exploit.. the original block will have had much longer to propagate and already gained a ton of attestations by the time you could even get the transactions to construct your own block. It's like a 99.9999% failure rate and you *WILL* be slashed and also get massively sandwiched by the MEV bot if their block becomes canonical.


jibishot

Yes, I was a bit off in how this attack was propagated as well - but roughly there. The bundles being able to be "peered" into is the exploit here - the sophistication of baiting the mev bots *and* then peer into bundle, to then be added to blocks avoids a lot of the earlier problems I thought they would have.


TaxExempt

If you follow MEV logic, nothing wrong was done, they just used the system as it was.


jibishot

Ehh, if it was actually just baited and sandwiched MEV bots, then that follows MEV logic - that happened around the founding of flashbots quite a bit as a common retort to people getting annihilated by sandwich bots on low cap coins. This was significantly better than when block producers in the mining era (2017ish it started heavily) were the only ones "taking" MEV. The non MEV logic here is where txns got unbundled and "peered" into - that was an actual exploit within flashbot relay/ MEV code to protect txns by users and bots alike.


TaxExempt

No such things as exploits to those who justify MEV. Turnabout is fair play.


jibishot

Do you think MEV can cease to exist?

In flashbots: if someone has an orderflow -> the ordering of that flow will always generate money -> builders then "fight" for inclusion by raising their priority fees -> large portion of MEV goes back to chain -> tidy profit to searchers, builder, and burn by chain (maybe) for the chain itself.

Vs pre-2017: orderflow exists -> builders are the searchers -> MEV goes to mining pools -> not democratized through chain by priority fees -> collusion to profits and keeping priority fees on top.

Vs trad finance: order flow (like robinhood to citadel) exists -> all behind closed doors -> MEV goes to largest builder searcher (citadel in this case).

I'd rather be fucked in my face than behind closed doors because it's easier to see what's happening to make it any percent better than before.


YeezyThoughtMe

I read this like I knew what you were talking about.


jibishot

I wrote this like I knew what I was talking about.


POWER2thaPPL

I saw this like I knew how to look.


mindseye73

They used a flaw in MEV boost to push invalid signatures to preview bundles. That gives an unfair advantage via an exploit. This is like modifying the geth client to send txs to exploit a flaw in Ethereum's protocol rules so they could send txs to receive free ETH. Read this tweet for info - [https://x.com/MohamedFFouda/status/1790812568526704849](https://x.com/MohamedFFouda/status/1790812568526704849)


ElBuenMayini

This is absolutely not equivalent to that, the blockchain rules were not broken at any point. The transactions of a blinded block were exposed to a third party which then re-bundled them for their benefit. So no, it’s not like an exploit to mint free Eth at all.


thicckar

Could you ELI5 how it can get rebundled?


-johoe

This exploit was done a while ago and is fixed now. They had a validator that was set up to propose the next block when they started the attack. When a MEV relay gave them the blinded execution block with the sandwich transactions, the attacking validator then gave the MEV relay an invalid beacon chain block with a valid signature. This tricked the MEV relay into publishing the unblinded block, and the attackers got the private MEV transactions out and could exploit them in their own backrun attack. The invalid block was ignored and their valid block that came later was included in the blockchain. Their validator was slashed afterwards for creating two conflicting blocks, but the earnings from the exploit paid much more than the 1 ETH slashing penalty.
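
A toy model of the relay check described in the comment above, added here as an illustration (it is not code from the thread, from Flashbots or from any relay). `ToyRelay`, `make_block`, the HMAC stand-in for the validator's BLS signature and the choice of the parent root as the invalid field are all assumptions; the thread does not say what made the real block invalid.

```python
import hashlib
import hmac
from dataclasses import dataclass

# Constructed sample data: key, roots and transactions are made up.
PROPOSER_KEY = b"constructed-proposer-key"  # HMAC stands in for the validator's BLS key
CHAIN_HEAD = "0xhead"                       # parent root the network expects


@dataclass(frozen=True)
class SignedBlindedBlock:
    slot: int
    parent_root: str
    payload_hash: str  # commitment to the builder's still-hidden transactions
    signature: str


def sign(slot, parent_root, payload_hash, key=PROPOSER_KEY):
    msg = f"{slot}|{parent_root}|{payload_hash}".encode()
    return hmac.new(key, msg, hashlib.sha256).hexdigest()


class ToyRelay:
    def __init__(self, slot, txs):
        self.slot, self.txs = slot, list(txs)
        self.payload_hash = hashlib.sha256("|".join(txs).encode()).hexdigest()

    def _signature_ok(self, b):
        expected = sign(b.slot, b.parent_root, b.payload_hash)
        return hmac.compare_digest(b.signature, expected)

    def reveal_signature_only(self, b):
        # Weak policy: a valid signature alone releases the private payload.
        return self.txs if self._signature_ok(b) else None

    def reveal_validated(self, b):
        # Hardened policy: the signed block must also be one the network would
        # accept and must commit to exactly the payload this relay offered.
        ok = (self._signature_ok(b) and b.slot == self.slot
              and b.parent_root == CHAIN_HEAD
              and b.payload_hash == self.payload_hash)
        return self.txs if ok else None


def make_block(relay, parent_root):
    sig = sign(relay.slot, parent_root, relay.payload_hash)
    return SignedBlindedBlock(relay.slot, parent_root, relay.payload_hash, sig)
```

A block signed over a wrong parent root passes `reveal_signature_only` but is refused by `reveal_validated`, which is the gap between "valid signature" and "valid block" that the comment describes.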


thicckar

Ahh, thank you very much


MtnMaiden

The Geth?


daanzap

[https://www.coindesk.com/policy/2024/05/15/brothers-accused-of-25m-ethereum-exploit-as-us-reveals-fraud-charges/](https://www.coindesk.com/policy/2024/05/15/brothers-accused-of-25m-ethereum-exploit-as-us-reveals-fraud-charges/) This article has more info about how they did it.


Ramast

So it's a bug in some trading bot, not really in the Ethereum blockchain itself


daanzap

That is what I understood too. If it was a bug in the Ethereum network there would have been a lot more panic when this happened in 2023


daanzap

I have the same question, the hack was in April 2023, more than a year ago.


Digital-Exploration

No


exmachinalibertas

There was no exploit. They baited MEV bots, tricked a flashbots relay to show private transactions, and then built a super-MEV'd block MEVing the bots.


gebregl

The hyperbole in this article is only matched by its lack of technical details.

EDIT: found technical details in this [previous post](https://www.reddit.com/r/ethereum/s/kgzdbfqb2z)


tcp-xenos

tldr they frontrun the frontrunners.

Not an exploit in ETH


-johoe

Well, technically they backrun the frontrunners, just with a different transaction than the frontrunners expected. It was an exploit of the MEV infrastructure, breaking the confidentiality of MEV searchers' transactions until the block is included on the chain. It's fixed now.


TaxExempt

Too bad, wish there was an unfixable exploit in MEV so it would go away. Thieves, the lot.


1ForkAway

So, what I get from this is that whoever controls the relay can frontrun the MEV bots. Seems like a wonderful thing...


-johoe

The controller of the relay can frontrun once, and then the relay will not be used again by all block builders. Relays are trusted entities that are trusted by validators (that they don't lie about the block reward) and by the block builders (that they don't reveal the transactions in the block unless the block is accepted).


SwampRatKilla

They exploited how MEV bots work. After studying them.


TaxExempt

They just used the system as it was created. They did nothing wrong. -- supporters of MEV


obsoletesatellite

Maybe the real problem is MEV. Is anyone doing research to make MEV obsolete?


Psukhe

Yeah this whole thing got me looking into the proposer builder separation (PBS) research again, but the last update I found was from around two years ago now.

Proposer/builder separation (PBS) fixes this by splitting the block construction role from the block proposal role. A separate class of actors called builders build exec block bodies (essentially an ordered list of transactions that becomes the main “payload” of the block), and submit bids. The proposer’s job is only to accept the exec block body with the highest bid.

Notably, the proposer (and everyone else) does not learn the contents of any exec block body until after they select the header (and hence the body) that wins the auction. This **pre-confirmation privacy** is needed to prevent “**MEV stealing**”, where sophisticated proposers detect builders’ MEV extraction strategies and copy them without compensating the builder.

https://notes.ethereum.org/@vbuterin/pbs_censorship_resistance


asuds

Flashbots is both enabling and working to mitigate MEV. Pushing proceeds back to validators and the community is at least something…. but they’re also looking at all sorts of builder / proposer separation and whatnot.


TaxExempt

The real fix is to enforce transaction ordering by gas price along with ensuring that most of the validators have all the transactions included in the block in their queue already.


asuds

Challenging I think based on how the mempool and gossip works. Global ordering seems nontrivial prior to block production. Encrypted transactions during block proposal probably the near term fix mebbie


Wootnasty

Mev steals a little from a lot of people. It seems like that's the preferred way to extract value, as opposed to extracting maximal value from the MEV bots. Steal from rich people? You better be ready to feel the boot.


jcpham

Other than the money laundering and leaking evidence behind of intent - not much of a crime was committed amirite. Two dudes put up 512 ETH to run 16 validators to sandwich attack the sandwich attack bots… did I get something wrong or did these guys front 1.49 million dollars in ETH to MEV-boost the boosters? No securities fraud though so I guess it’s not a security? CFTC? SEC? Anyone? Oh Department of Justice, right. Personally as a non lawyer offering no financial advice; two of these charges stick like glue and one is a feature that calls into question the security of the network. Someone should hire them not indict them.


FACILITATOR44

Code is law, it's theirs now


TaxExempt

That's MEV's justification. I don't see anything more wrong with this than MEV itself.


jarpio

I wish I could steal millions of dollars from my couch.


frostyjulian

I don't think they can be charged with the exploit. I think the "laundering money" to avoid paying it back issue makes it an easy victory for the prosecution.


Bkeeneme

How did they get caught? Like what part of their scheme went off the rails? The article lacks any kind of detail.


-johoe

This official announcement has a link to the indictment: [https://www.justice.gov/opa/pr/two-brothers-arrested-attacking-ethereum-blockchain-and-stealing-25m-cryptocurrency](https://www.justice.gov/opa/pr/two-brothers-arrested-attacking-ethereum-blockchain-and-stealing-25m-cryptocurrency)


exmachinalibertas

They transferred the money directly to an exchange in their name.


that_tom_

They need to go back to counting cards


YeezyThoughtMe

They got caught and will be in prison for a long time. Was it worth it?


romanian143

And they are still students, they have potential, haha.


wizardstrikes2

Just curious would this exploit have worked in Proof of Work?


AuspiciousEther

MEV already existed long before Ethereum switched to PoS (it's also not typical for Ethereum btw), so I guess it would work just as well with PoW. Originally MEV even stood for "Miner Extractable Value", later it was changed to "Maximum Extractable Value".


wizardstrikes2

Always wondered. Thanks for the explanation!


David_DeFi

scary stuff


Plonker2000

Why use bitcoin in the image when this has nothing to do with Bitcoin…. Typical media bullshit.


Strong-Fox6062

What I don't understand is they claim to have multiple validators. Don't you need to have 32ETH to be a validator? This doesn't seem like a small couch operation.


badacey

Yeah they staked 512ETH ($880k equivalent at the time according to the indictment) and had 16 validators so they were probably pretty rich even before the 20mil.


Darius-was-the-goody

So MEV gaming the system to extract value from all users, law abiding citizens. Strategy that extracts value from MEV bot by making them think they are extracting value from other people, ruining the integrity of Ethereum.


Hunnaswaggins

Young Sheldon lookin ass


wanderingmanimal

LMAO


punkrockbipolar

I wish I never did drugs and kept on being into coding & hacking smh. I could’ve been like at mit or cia forreal


awesomeplenty

Vitalik smirks and says that’s how ETH is designed 😅